Changelog

Every feature, improvement, and fix — newest first.

v1.2

Heartbeat monitoring, Lighthouse audits & 5-region checks

New: Heartbeat / Cron Job monitoring

Never miss a silent cron failure again. Create a heartbeat monitor, add one curl line to your script, and get alerted the moment a scheduled job doesn't check in on time.

  • Configurable period and grace window
  • Alert after 1 missed heartbeat or N consecutive misses
  • Full ping history with time-between-pings chart
  • Works with any language, framework, or platform

New: Lighthouse performance monitoring

Track Core Web Vitals and Lighthouse scores over time. Automatically audits performance, accessibility, SEO, and best practices on a schedule and alerts you when any score drops below your configured threshold.

Available on Business plan and above.

New: 5-region monitoring

Your sites are now checked from 5 global regions simultaneously. An alert requires confirmation from at least 2 regions — eliminating false positives from regional network blips while catching real outages fast. Regions: US East, US West, EU West, AP Southeast, AP South.

New: Application Health Check monitoring

Go beyond HTTP 200. Point siteRabbit at your /health endpoint and assert specific fields in the JSON response — check that status === "ok", queue.depth < 100, or any other field your app exposes.

Improvements

  • Notification channels now support per-event-type filtering — route SSL warnings to email and downtime alerts to PagerDuty without duplication
  • Maintenance period scheduling: schedule windows in advance, checks pause automatically during the window
  • Response time charts now show p50, p95, and 7-day / 30-day / 90-day ranges
  • Status pages: embeddable badge now available in SVG and PNG formats
  • Dashboard: 30-second auto-refresh for active incidents

Fixes

  • SSL certificate chain validation now correctly handles cross-signed roots
  • Heartbeat monitors with a 7-day period no longer fire false-positive missed-heartbeat alerts after a plan upgrade
  • Status page subscriber notifications now send within 60 seconds of incident creation (was up to 5 minutes)
v1.1

v1.1 — Google OAuth, Encryption at Rest, Lighthouse Monitors

v1.1 — June 15, 2026

New

  • Sign in with Google — OAuth via Google Identity Services. No password required for Google accounts. Existing accounts can link a Google identity on the next sign-in.
  • Lighthouse monitors — Run Chrome-based performance audits on a schedule. Alert when your Core Web Vitals drop below threshold. Chromium is bundled in the worker container.
  • App Health monitors — Point siteRabbit at any JSON health endpoint. Configure the field path and expected values; alert when the response deviates.
  • Encryption at rest — Sensitive fields (totpSecret, webhook secrets, notification channel credentials) are now encrypted with AES-256-GCM before being stored in the database.

Improved

  • Invoice history — The Billing page now shows a full invoice table with PDF download links pulled from Stripe.
  • Trial enforcement — When the 12-day trial ends the dashboard enters a locked state until a plan is selected. Monitors and status pages pause automatically and resume on resubscription.
  • Notification anti-spam — Edge-triggered alerting via Redis prevents duplicate down alerts on every check cycle. Recovery alerts now fire exactly once when a monitor comes back up.
  • CSP hardening — Content Security Policy now covers script-src, style-src, frame-src, connect-src, and img-src with minimal allow-lists.

Fixed

  • JWT refresh tokens are now in httpOnly cookies, not localStorage.
  • Admin users no longer require an active subscription to access the dashboard or /internal/ops.
  • Google Sign-In button was previously a non-functional placeholder — it now works end-to-end.
v1.0

v1.0 — General Availability

v1.0 — May 20, 2026

We're live. After months of internal testing, siteRabbit is now available to everyone.

Launch features

  • 11 monitor types — HTTP/HTTPS, SSL certificate, domain expiry, DNS records, TCP port, ICMP ping, heartbeat/cron, sitemap, broken links, UDP port, gRPC
  • 9 notification channels — Email, Slack, Discord, Microsoft Teams, PagerDuty, SMS (Twilio), outbound webhooks, Telegram, OpsGenie
  • Multi-region checks — Checks run from all active regions simultaneously; consensus-based failure detection
  • Public status pages — Custom domains, subscriber notifications, incident management, RSS feeds, embeddable badges
  • 90-day uptime history — Daily rollups with response-time p50/p95 trends
  • Alert rules — Per-monitor rules with escalation delays and per-channel event filtering
  • Maintenance windows — Schedule recurring quiet periods; checks run but alerts are suppressed
  • TOTP two-factor authentication — Authenticator-app 2FA with backup codes
  • Team management — Invite members with Owner / Admin / Member roles
  • REST API — Scoped API keys, rate-limited endpoints, full monitor CRUD
  • Signed webhooks — HMAC-SHA256 signed payloads with retry and delivery logs
  • Billing — Stripe-powered subscription management with five plans ($17–$149/mo)

Plans

| Plan | Sites | Price | |------|-------|-------| | Starter | 5 | $17 / mo | | Growth | 10 | $29 / mo | | Business | 20 | $49 / mo | | Pro | 30 | $69 / mo | | Enterprise | 100 | $149 / mo |

All plans start with a 12-day free trial — no credit card required.